[Freeipa-users] PKI-CA fails to start (broken config after update?)
swartz
netvent at gmail.com
Fri Sep 19 23:02:11 UTC 2014
Hello,
Encountered same issue as described here:
https://www.redhat.com/archives/freeipa-users/2013-July/msg00133.html
https://www.redhat.com/archives/freeipa-users/2014-August/msg00224.html
Plain vanilla IPA setup. No changes, no customizations.
Recently IPA fails to start. Error happened right after a 'yum update'
and reboot.
---------------------------------------
Starting pki-ca: [ OK ]
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
...
Failed to start CA Service
Shutting down
----------------------------------------
Digging into the matter further...
The line that causes the error above is in
/usr/share/pki/scripts/functions (which is loaded by pki-ca init script):
netstat -antl | grep ${port} > /dev/null
The $port variable is blank so call to grep is without a search
parameter. Hence invalid call to grep and subsequent error msg I'm
seeing as above.
$port is defined just a few lines above as
port=`grep '^pkicreate.unsecure_port='
${pki_instance_configuration_file} | cut -b25- -`
BUT! For whatever reason there is no line that starts with
"pkicreate.unsecure_port" in $pki_instance_configuration_file
(/var/lib/pki-ca/conf/CS.cfg). Thus no port info is ever obtained for
use in grep.
Why there is no such line in config file where one is expected is
unknown to me...
Versions currently installed
ipa-server-3.0.0-37.el6.x86_64
pki-ca-9.0.3-32.el6.noarch
Did updates to pki packages clobber the configs? What got broken? How do
I resolve it?
Thank you.
More information about the Freeipa-users
mailing list